Provided are examples of apparatus and methods which relate to enforcing compliance with one or more administrative requirements relating to using computing resources. In an example, one or more objects being used on one or more cloud computing platforms are identified with a computing device. Data describing the one or more objects is received. One or more rules restricting the use of the one or more objects are received. One or more violations of the one or more rules are searched for by comparing the received data to the rules. In response to identifying one or more violations, a response to the one or more violations is executed.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method, comprising: determining, by a computing device, an instance of a workload to be run on one or more cloud computing platforms; identifying, by the computing device, one or more objects on the one or more cloud computing platforms to be used by the one or more cloud computing platforms to run the instance of the workload; receiving, by the computing device, data describing one or more actual configurations of the one or more objects; receiving, by the computing device, one or more rules restricting a use of the one or more objects to one or more required configurations; searching, by the computing device, for one or more violations of the one or more rules by comparing the one or more actual configurations to the one or more required configurations; executing, by the computing device and in response to one or more identifications of the one or more violations, a response to the one or more violations that changes the one or more actual configurations of the one or more objects on the one or more cloud computing platforms to the one or more required configurations; and causing, by the computing device, the one or more cloud computing platforms to run the instance of the workload with the one or more objects in the one or more required configurations.
2. The method of claim 1, wherein the identifying the one or more objects further comprises: querying one or more respective cloud management platforms of the one or more cloud computing platforms for an identification of the one or more objects being used on the respective one or more cloud computing platforms; retrieving the identification of the one or more objects being used from a database storing a record of user activities; or a practicable combination thereof.
3. The method of claim 1, wherein the receiving the data further comprises: querying the one or more cloud computing platforms for the data; querying a database for the data, wherein the database is independent of the one or more cloud computing platforms; storing the data in the database; or a practicable combination thereof.
4. The method of claim 1, wherein the data describing the one or more objects include: user-defined data, historical data, real-time data, one or more configuration details of a server, one or more configuration parameters for the workload, one or more configuration details of a virtual network, one or more configuration details of a virtual machine, one or more configuration details of an operating system, one or more configuration details of software, one or more configuration details of hardware, one or more configuration details of a cluster, one or more configuration details of a network, one or more details of a remote script, one or more details of a pod of containers, one or more details of a load balancer, or a practicable combination thereof.
5. The method of claim 1, wherein the receiving the one or more rules further comprises: receiving a user-defined rule; receiving one or more descriptions of what one or more specific objects in the one or more objects includes, excludes, or a practicable combination thereof; receiving a rule checking for a permitted geographic location of a given workload, a prohibited geographic location of a given workload, or a practicable combination thereof; receiving a rule checking for one or more known vulnerabilities; receiving a rule checking for a cost to implement one or more specific objects in the one or more objects; receiving a rule checking for a percentage of a license that has been used, a percentage of a license that has not been used, or a practicable combination thereof; receiving a rule checking for a newer version of cloud management software; receiving a rule checking if a usage quota has been exceeded, the usage quota has not been exceeded, or a practicable combination thereof; receiving a rule checking for missing tags, present tags, or a practicable combination thereof; receiving a rule checking for compliance with one or more compliance parameters for a server; receiving a rule checking for compliance with one or more compliance parameters for the workload; or a practicable combination thereof.
6. The method of claim 1, wherein the response comprises one or more of: a user-defined response; storing the data describing the one or more objects; changing one or more configurations of one or more computing resources; sending one or more text messages, e-mails, or a practicable combination thereof to a user; applying a patch; determining that a patch is not to be applied; moving the workload from the one or more cloud computing platforms to a different cloud computing platform; powering down of a virtual machine; powering up of a virtual machine; stopping execution of an action; or a practicable combination thereof.
7. An apparatus, comprising: means for determining an instance of a workload to be run on one or more cloud computing platforms; means for identifying one or more objects on the one or more cloud computing platforms to be used by the one or more cloud computing platforms to run the instance of the workload; means for receiving data describing one or more actual configurations of the one or more objects; means for receiving one or more rules restricting a use of the one or more objects to one or more required configurations; means for searching for one or more violations of the one or more rules by comparing the one or more actual configurations to the one or more required configurations; means for executing, in response to one or more identifications of the one or more violations, a response to the one or more violations that changes the one or more actual configurations of the one or more objects on the one or more cloud computing platforms to the one or more required configurations; and means for causing the one or more cloud computing platforms to run the instance of the workload with the one or more objects in the one or more required configurations.
8. The apparatus of claim 7, wherein the means for identifying the one or more objects further comprises: means for querying one or more respective cloud management platforms of the one or more cloud computing platforms for an identification of the one or more objects being used on the respective one or more cloud computing platforms; means for retrieving the identification of the one or more objects being used from a database storing a record of user activities; or a practicable combination thereof.
9. The apparatus of claim 7, wherein the means for receiving the data further comprises: means for querying the one or more cloud computing platforms for the data; means for querying a database for the data, wherein the database is independent of the one or more cloud computing platforms; means for storing the data in the database; or a practicable combination thereof.
10. The apparatus of claim 7, wherein the data describing the one or more objects include: user-defined data, historical data, real-time data, one or more configuration details of a server, one or more configuration parameters for the workload, one or more configuration details of a virtual network, one or more configuration details of a virtual machine, one or more configuration details of an operating system, one or more configuration details of software, one or more configuration details of hardware, one or more configuration details of a cluster, one or more configuration details of a network, one or more details of a remote script, one or more details of a pod of containers, one or more details of a load balancer, or a practicable combination thereof.
11. The apparatus of claim 7, wherein the means for receiving the one or more rules further comprises: means for receiving a user-defined rule; means for receiving one or more descriptions of what one or more specific objects in the one or more objects includes, excludes, or a practicable combination thereof; means for receiving a rule checking for a permitted geographic location of a given workload, a prohibited geographic location of a given workload, or a practicable combination thereof; means for receiving a rule checking for one or more known vulnerabilities; means for receiving a rule checking for a cost to implement one or more specific objects in the one or more objects; means for receiving a rule checking for a percentage of a license that has been used, a percentage of a license that has not been used, or a practicable combination thereof; means for receiving a rule checking for a newer version of cloud management software; means for receiving a rule checking if a usage quota has been exceeded, the usage quota has not been exceeded, or a practicable combination thereof; means for receiving a rule checking for missing tags, present tags, or a practicable combination thereof; means for receiving a rule checking for compliance with one or more compliance parameters for a server; means for receiving a rule checking for compliance with one or more compliance parameters for the workload; or a practicable combination thereof.
12. The apparatus of claim 7, wherein the response comprises one or more of: a user-defined response; storing the data describing the one or more objects; changing one or more configurations of one or more computing resources; sending one or more text messages, e-mails, or a practicable combination thereof to a user; applying a patch; determining that a patch is not to be applied; moving the workload from the one or more cloud computing platforms to a different cloud computing platform; powering down of a virtual machine; powering up of a virtual machine; stopping execution of an action; or a practicable combination thereof.
13. An apparatus, comprising: a processor; and a memory coupled to the processor and configured to cause the processor to create specific logic circuits within the processor, wherein the specific logic circuits are configured to cause the processor to: determine an instance of a workload to be run on one or more cloud computing platforms; identify one or more objects on the one or more cloud computing platforms to be used by the one or more cloud computing platforms to run the instance of the workload; receive data describing one or more actual configurations of the one or more objects; receive one or more rules restricting a use of the one or more objects to one or more required configurations; search for one or more violations of the one or more rules by comparing the one or more actual configurations to the one or more required configurations; execute, in response to one or more identifications of the one or more violations, a response to the one or more violations that changes the one or more actual configurations of the one or more objects on the one or more cloud computing platforms to the one or more required configurations; and cause the one or more cloud computing platforms to run the instance of the workload with the one or more objects in the one or more required configurations.
14. The apparatus of claim 13, wherein the processor is configured to identify the one or more objects by: querying one or more respective cloud management platforms of the one or more cloud computing platforms for an identification of the one or more objects being used on the respective one or more cloud computing platforms; retrieving the identification of the one or more objects being used from a database storing a record of user activities; or a practicable combination thereof.
15. The apparatus of claim 13, wherein the processor is configured to receive the data by: querying the one or more cloud computing platforms for the data; querying a database for the data, wherein the database is independent of the one or more cloud computing platforms; storing the data in the database; or a practicable combination thereof.
16. The apparatus of claim 13, wherein the data describing the one or more objects include: user-defined data, historical data, real-time data, one or more configuration details of a server, one or more configuration parameters for the workload, one or more configuration details of a virtual network, one or more configuration details of a virtual machine, one or more configuration details of an operating system, one or more configuration details of software, one or more configuration details of hardware, one or more configuration details of a cluster, one or more configuration details of a network, one or more details of a remote script, one or more details of a pod of containers, one or more details of a load balancer, or a practicable combination thereof.
17. The apparatus of claim 13, wherein the processor is configured to receive the one or more rules by: receiving a user-defined rule; receiving one or more descriptions of what one or more specific objects in the one or more objects includes, excludes, or a practicable combination thereof; receiving a rule checking for a permitted geographic location of a given workload, a prohibited geographic location of a given workload, or a practicable combination thereof; receiving a rule checking for one or more known vulnerabilities; receiving a rule checking for a cost to implement one or more specific objects in the one or more objects; receiving a rule checking for a percentage of a license that has been used, a percentage of a license that has not been used, or a practicable combination thereof; receiving a rule checking for a newer version of cloud management software; receiving a rule checking if a usage quota has been exceeded, the usage quota has not been exceeded, or a practicable combination thereof; receiving a rule checking for missing tags, present tags, or a practicable combination thereof; receiving a rule checking for compliance with one or more compliance parameters for a server; receiving a rule checking for compliance with one or more compliance parameters for the workload; or a practicable combination thereof.
18. The apparatus of claim 13, wherein the response comprises one or more of: a user-defined response; storing the data describing the one or more objects; changing one or more configurations of one or more computing resources; sending one or more text messages, e-mails, or a practicable combination thereof to a user; applying a patch; determining that a patch is not to be applied; moving the workload from the one or more cloud computing platforms to a different cloud computing platform; powering down of a virtual machine; powering up of a virtual machine; stopping execution of an action; or a practicable combination thereof.
19. A non-transitory computer-readable medium, comprising: processor-executable instructions stored thereon configured to cause a processor to: determine an instance of a workload to be run on one or more cloud computing platforms; identify one or more objects on the one or more cloud computing platforms to be used by the one or more cloud computing platforms to run the instance of the workload; receive data describing one or more actual configurations of the one or more objects; receive one or more rules restricting a use of the one or more objects to one or more required configurations; search for one or more violations of the one or more rules by comparing the one or more actual configurations to the one or more required configurations; execute, in response to one or more identifications of the one or more violations, a response to the one or more violations that changes the one or more actual configurations of the one or more objects on the one or more cloud computing platforms to the one or more required configurations; and cause the one or more cloud computing platforms to run the instance of the workload with the one or more objects in the one or more required configurations.
20. The non-transitory computer-readable medium of claim 19, wherein the processor-executable instructions configured to cause the processor to identify the one or more objects further comprises processor-executable instructions configured to cause the processor to: query one or more respective cloud management platforms of the one or more cloud computing platforms for an identification of the one or more objects being used on the respective one or more cloud computing platforms; retrieve the identification of the one or more objects being used from a database storing a record of user activities; or a practicable combination thereof.
21. The non-transitory computer-readable medium of claim 19, wherein the processor-executable instructions configured to cause the processor to receive the data further comprises processor-executable instructions configured to cause the processor to: query the one or more cloud computing platforms for the data; query a database for the data, wherein the database is independent of the one or more cloud computing platforms; store the data in the database; or a practicable combination thereof.
22. The non-transitory computer-readable medium of claim 19, wherein the data describing the one or more objects include: user-defined data, historical data, real-time data, one or more configuration details of a server, one or more configuration parameters for the workload, one or more configuration details of a virtual network, one or more configuration details of a virtual machine, one or more configuration details of an operating system, one or more configuration details of software, one or more configuration details of hardware, one or more configuration details of a cluster, one or more configuration details of a network, one or more details of a remote script, one or more details of a pod of containers, one or more details of a load balancer, or a practicable combination thereof.
23. The non-transitory computer-readable medium of claim 19, wherein the processor-executable instructions configured to cause the processor to receive the one or more rules further comprises processor-executable instructions configured to cause the processor to: receive a user-defined rule; receive one or more descriptions of what one or more specific objects in the one or more objects includes, excludes, or a practicable combination thereof; receive a rule checking for a permitted geographic location of a given workload, a prohibited geographic location of a given workload, or a practicable combination thereof; receive a rule checking for one or more known vulnerabilities; receive a rule checking for a cost to implement one or more specific objects in the one or more objects; receive a rule checking for a percentage of a license that has been used, a percentage of a license that has not been used, or a practicable combination thereof; receive a rule checking for a newer version of cloud management software; receive a rule checking if a usage quota has been exceeded, the usage quota has not been exceeded, or a practicable combination thereof; receive a rule checking for missing tags, present tags, or a practicable combination thereof; receive a rule checking for compliance with one or more compliance parameters for a server; receive a rule checking for compliance with one or more compliance parameters for the workload; or a practicable combination thereof.
24. The non-transitory computer-readable medium of claim 19, wherein the response comprises one or more of: a user-defined response; storing the data describing the one or more objects; changing one or more configurations of one or more computing resources; sending one or more text messages, e-mails, or a practicable combination thereof to a user; applying a patch; determining that a patch is not to be applied; moving the workload from the one or more cloud computing platforms to a different cloud computing platform; powering down of a virtual machine; powering up of a virtual machine; stopping execution of an action; or a practicable combination thereof.
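The sequence recited in claim 1 (compare actual to required configurations, change the objects, then run the workload) can be sketched as a pre-launch gate. This is an added example, not code from the patent; every class, function, region and tag name in it is hypothetical, the sample objects are constructed, and a dictionary write stands in for a call to a cloud platform.

```python
from dataclasses import dataclass, field

@dataclass
class CloudObject:
    object_id: str
    kind: str                       # e.g. "vm", "load_balancer"
    config: dict = field(default_factory=dict)   # actual configuration

@dataclass(frozen=True)
class Rule:
    name: str
    applies_to: str                 # object kind the rule restricts
    key: str                        # configuration key being checked
    allowed: frozenset              # permitted values; empty = key must only be present
    required: object                # value written when remediating

@dataclass(frozen=True)
class Violation:
    object_id: str
    rule: str
    key: str
    actual: object
    required: object

def find_violations(objects, rules):
    """Compare each object's actual configuration to the required one."""
    found = []
    for obj in objects:
        for rule in (r for r in rules if r.applies_to == obj.kind):
            actual = obj.config.get(rule.key)          # None means "missing"
            ok = actual is not None and (not rule.allowed or actual in rule.allowed)
            if not ok:
                found.append(Violation(obj.object_id, rule.name, rule.key,
                                       actual, rule.required))
    return found

def remediate(objects, violations):
    """Change actual configurations to required ones; return an audit trail."""
    by_id = {o.object_id: o for o in objects}
    audit = []
    for v in violations:
        by_id[v.object_id].config[v.key] = v.required  # stand-in for a platform call
        audit.append(f"{v.object_id}: {v.key} {v.actual!r} -> {v.required!r} ({v.rule})")
    return audit

def run_workload(objects, rules):
    """Release the workload only if a re-check after remediation comes back clean."""
    audit = remediate(objects, find_violations(objects, rules))
    remaining = find_violations(objects, rules)
    if remaining:   # e.g. a rule whose remediation value is itself not permitted
        raise RuntimeError("launch blocked: " + ", ".join(v.rule for v in remaining))
    return {"launched": True, "audit": audit}

def sample():
    """Constructed input: a VM outside the permitted regions, a load balancer with no owner tag."""
    objects = [CloudObject("vm-1", "vm", {"region": "region-c"}),
               CloudObject("lb-1", "load_balancer", {"listeners": 2})]
    rules = [Rule("permitted-region", "vm", "region",
                  frozenset({"region-a", "region-b"}), "region-a"),
             Rule("owner-tag-present", "load_balancer", "owner",
                  frozenset(), "unassigned")]
    return objects, rules

if __name__ == "__main__":
    print(run_workload(*sample()))
```

The second `find_violations` call is the part worth keeping in any real implementation: it refuses to launch when remediation did not actually bring the objects into the required configuration.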
August 31, 2016
March 26, 2019